Could someone point me in a direction on how to apply field level security to my Rails app? Basically I have an update action on my controller, but based on the permissions of the person logged in, I want to control what fields they can update. Of course the model object should enforce this security as well as disabling the controls on the view if they don't have the permissions to edit it.
I have been through the Simple Access Control Example (http:// wiki.rubyonrails.org/rails/pages/SimpleAccessControlExample) which is good for applying permissions for whole actions, but I really need to go more granular sometimes.
Thanks, Brian R
